Reputation: 2564
.htaccess file content to allow access to one file and one folder only
For the below files and folder structure
beta
folder1
folder2
folder3
file1.php
file2.php
I need to restrict access to all files and folders with the exception of folder2 and file2.php. only.
My .htaccess file currently looks like this:
Options +FollowSymlinks
RewriteEngine on
RewriteCond %{REQUEST_URI} !/folder2%$
RewriteCond %{REQUEST_URI} !/file2.php
RewriteRule $ /beta/file2.php [R=302,L]
The above does work in one system, but not from other system.
Can you point out what i am doing wrong here?
Upvotes: 1
Views: 3001
Answers (2)
Reputation: 143886
Try changing your rules around so that you let the 2 folders pass through then redirect everything to file2:
Options +FollowSymlinks
RewriteEngine on
RewriteBase /beta/
RewriteRule ^file2\.php - [L]
RewriteRule ^folder2 - [L]
RewriteRule ^ file2.php [L,R=302]
The error you were getting is probably from the % that you had in your condition.
If you want to outright forbid access to anything else, you can change the last rule to:
RewriteRule ^ - [L,F]
If you dont mind can you please explain each line ?
The RewriteBase directive lets the rewrite engine know that relative paths have a URI-base of /beta/. So all of the files/pathnames that don't start with a / will automatically have that base.
The next two rules simply matches against the URI and does a "pass through" using the - character, which means, "don't do anything". So when you request /folder2 or /file2.php, the rewrite engine does nothing and lets the request through as if nothing happened. But if the request is anything else, the first 2 rules won't match and the last rule will match because the regex is ^, which matches everything. The target of that rule redirects everything to /beta/file2.php (because of the base).
The forbidden rule with the F flag in the square brackets is the same thing, If the request isn't for the folder2 or file2.php, then that rule will match it (^) and it passes it through (-) but the F flag makes it return a "403 Forbidden" instead of serving whatever the request was for.
Upvotes: 4
Reputation: 1811
Use REQUEST_FILENAME insted of REQUEST_URI I hope this will help
Options +FollowSymlinks
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !/folder2
RewriteCond %{REQUEST_FILENAME} !/file2.php
RewriteRule $ /file2.php [R=302,L]
Upvotes: 0
Related Questions
- .htaccess to rewrite rules and block file access for specific folder
- htaccess - Block access to a directory but allow access to files in a specific directory
- .htaccess allow access to more than one file PHP
- Grant access to only one directory with .htaccess
- .htaccess to restrict access to folder
- How can I allow access to a specific folder with htaccess?
- How to allow access to a specific file/folder path with htaccess
- allow a dir in .htaccess
- Allow access to one directory with htaccess?
- htaccess // allow only certain file or folder?